README
================
SQLI-LABS is a platform to learn SQLI
Following labs are covered for GET and POST scenarios:
1. Error Based Injections (Union Select)
1. String
2. Intiger
2. Error Based Injections (Double Injection Based)
3. BLIND Injections:
1.Boolian Based
2.Time Based
4. Update Query Injection.
5. Insert Query Injections.
6. Header Injections.
1.Referer based.
2.UserAgent based.
3.Cookie based.
7. Second Order Injections
8. Bypassing WAF
1. Bypassing Blacklist filters
Stripping comments
Stripping OR & AND
Stripping SPACES and COMMENTS
Stripping UNION & SELECT
2. Impidence mismatch
9. Bypass addslashes()
10. Bypassing mysql_real_escape_string. (under special conditions)
11. Stacked SQL injections.
12. Secondary channel extraction
========================================================================================
Install Instructions:
1. Unzip the contents inside the apache folder, for example under /var/www
2. This will create a folder sql-labs under it. else you can use git command from within /var/www folder.
/var/www folder and then use following command> git clone https://github.com/Audi-1/sqli-labs.git sqli-labs
3. Open the file "db-creds.inc" which is under sql-connections folder inside the sql-labs folder.
4. Update your MYSQL database username and password.(default for Backtrack are used root:toor)
5. From your browser access the sql-labs folder to load index.html
6. Click on the link setup/resetDB to create database, create tables and populate Data.
7. Labs ready to be used, click on lesson number to open the lesson page.
8. Enjoy the labs
==========================================================================================
Corrosponding walkthrough video tutorials and explainations can be found at:
1. http://dummy2dummies.blogspot.com
2. http://www.securitytube.net/user/Audi
3. https://www.facebook.com/sqlilabs
you can also find the read along book at https://leanpub.com/SQLI-LABS, work is under process.
==========================================================================================
Challenge Section added:
Less-54 to Less - 61 special challenge lessons added to repository for testing skills learnt from the other Lab lessons.
==========================================================================================
sqli-labs.zip (566个子文件) 
treestyles.css 4KB freemind2html.css 1KB freemind2html.css 1KB freemind2html.css 1KB freemind2html.css 1KB
index-3.html 8KB index.html 8KB index-1.html 8KB index-2.html 6KB db-creds.inc 164B
pass-forgot.jpg 55KB waf.jpg 43KB Less-58.jpg 40KB acc-create.jpg 39KB Less-56.jpg 39KB Less-55.jpg 38KB Less-59.jpg 38KB Less-57.jpg 38KB Less-54.jpg 37KB Less-60.jpg 36KB Less-65.jpg 35KB flag1.jpg 35KB Less-61.jpg 35KB Less-62.jpg 35KB Less-28-1.jpg 35KB Less-24-user-created.jpg 35KB Less-26a-1.jpg 35KB Less-64.jpg 34KB Less-29-1.jpg 34KB Less-63.jpg 33KB Less-66.jpg 32KB Less-28a-1.jpg 31KB Less-54-1.jpg 30KB Less-54-2.jpg 29KB slap1.jpg 29KB Less-27a.jpg 28KB Less-28a.jpg 28KB Less-27a-1.jpg 27KB Less-27-1.jpg 27KB Less-51.jpg 27KB Less-52.jpg 27KB Less-30.jpg 26KB Less-25.jpg 26KB Less-53.jpg 26KB Less-30-1.jpg 26KB Less-3a.jpg 26KB Less-21.jpg 26KB Less-25a.jpg 26KB Less-28.jpg 26KB Less-10.jpg 26KB Less-20.jpg 26KB Less-26-a.jpg 26KB Less-31-1.jpg 25KB Less-26.jpg 25KB Less-29.jpg 25KB Less-40.jpg 25KB Less-34.jpg 25KB Less-25-1.jpg 25KB Less-25a-1.jpg 25KB Less-26-1.jpg 25KB Less-50.jpg 25KB Less-32.jpg 25KB Less-48.jpg 24KB Less-36.jpg 24KB Less-2.jpg 24KB Less-27.jpg 24KB Less-31.jpg 24KB Less-33.jpg 24KB Less-35.jpg 24KB Less-49.jpg 24KB Less-22.jpg 24KB Less-6.jpg 24KB Less-42.jpg 24KB Less-8.jpg 24KB Less-4.jpg 24KB Less-3.jpg 24KB Less-9.jpg 24KB Less-5.jpg 23KB Less-46.jpg 23KB Less-38.jpg 23KB Less-43.jpg 23KB Logged-in.jpg 23KB Less-44.jpg 23KB Less-50-1.jpg 22KB Less-7.jpg 22KB flag.jpg 22KB password-updated.jpg 21KB Less-47.jpg 21KB Less-23.jpg 21KB Less-41.jpg 21KB Less-39.jpg 21KB slap.jpg 20KB Less-24-new-user.jpg 20KB Less-45.jpg 20KB Less-37.jpg 19KB Less-1.jpg 19KB Less-24.jpg 18KB marktree.js 11KB readme.md 2KB readme.md~ 2KB共 566 条
- 1
- 2
- 3
- 4
- 5
- 6
资源评论
